
trust and identity

Posted Jul 3, 2010 20:32 UTC (Sat) by tialaramex (subscriber, #21167)
In reply to: Two GCC stories by fsateler
Parent article: Two GCC stories

You trust them? How do you trust them? You apparently don't believe you know any way of identifying them, not even by a pseudonym or a drop box email address. And you have no realistic way to distinguish one of these people you supposedly trust from any of the others.

Let me suggest that, in fact, you do associate these trusted keys with identities. You can sign this association, and that creates a cryptographically trustworthy mechanism for PGP to tell you "Abraham sent this" or "Bethany sent this" when it processes a future message signed with those keys - and that at last sounds like something you might be able to make use of in "online collaboration".

PGP is not a cloud application. The fact that you, on your PC, decided that this particular key belongs to "Abraham" is not automatically a fact shared with the whole world or even with "Abraham". You are not obliged, technically or ethically, to publish it, or tell anybody else. Similarly you are not required or expected to trust that whatever "Abraham" tells people (including by publishing signed keys) is true. You need never tell "Abraham" that you've assigned it this name, and if you prefer you can use outlandish or ridiculous names, "Mr Run-on-sentence" or "Flopdeedoodle".

Identity and trust are separate issues BUT for humans it isn't practical to hang trust on raw thousand-bit key values, so you must do SOMETHING about the identity issue first. That's all PGP/GPG asks you to do.

